Traditionally, a major concern of cardholders, merchants, issuers of payment cards (such as credit or debit cards) in a transaction is the security and safekeeping of the financial data transferred between the various entities involved in processing a transaction involving the use of the card. Typically, a primary account number (PAN) associated with the payment card is used to identify the particular cardholder account associated with the card and used for purchase transactions involving the card, as well to identify the cardholder. Since the PAN is typically used as an identifier of the cardholder, services and transactions that may leverage information relating to the purchase transaction have also typically used the PAN as a primary identifier of the cardholder in these other services and transactions.
In an effort to reduce the potential and/or real exposure to credit card fraud involving the misappropriation of PANs, a number of methods and systems have been used to safeguard the acquisition, transmission, and storage of PANs obtained and used in various transactions. Compliance with the applicable rules, standards, and regulations regarding the acquisition, transmission, and storage of PANs tend to be complex and costly to establish and maintain.
Merchants and/or third party servicers may seek to mitigate the risk of fraud by implementing different security mechanisms and features. However, the introduction and acceptance of new and different security mechanisms and features may be time-consuming and costly to implement, particularly if changes are required of processing systems and flows and/or cardholder behavior.
Therefore, it would be desirable to provide improved methods and apparatus for efficiently facilitating and processing card transactions without a reliance on PANs.